-1

I use VNC a lot on a specific machine. But it's on a separate network that I can't reach directly.

+----------------+     +----------------+
| Linux          |     | Windows        |        +---------------+
| VNC client     |     | OpenSSH Server |        | Linux         |
|   192.168.1.100-------192.168.1.22    |        | VNC server    |
|                |     |      10.10.1.33----------10.10.1.44     |
+----------------+     |                |        |               |
                       +----------------+        +---------------+

Currently, I RDP to a windows machine which bridges the networks. From the rdp desktop, I launch a vnc client to the vnc-server. The windows machine in the middle runs OpenSSH. Is there a way for me to use that so I can connect to the vnc-server directly?

My solutions for ssh and scp are currently:

ssh -J 192.168.1.22 10.10.1.44
scp -o=ProxyJump=192.163.1.22 10.10.1.44:file .

I'd prefer to leave the windows machine alone if possible and do this from the client side. That's because I actually have lots of these Windows bridges, each with an independent 10.10.1.x network with lots of VNC servers on each network. I'm using vinagre as a vnc client and x11vnc as the vnc server.

Stewart
  • 301
  • 1
  • 3
  • 10
  • 1
    Does this answer your question? [VNC connection via SSH proxy machine](https://serverfault.com/questions/216991/vnc-connection-via-ssh-proxy-machine) – chx Dec 17 '21 at 07:15

1 Answers1

1

If you already have a SSH connection, you just need to add a port forwarding:

ssh -J 192.168.1.22 -L 5990:127.0.0.1:5900 10.10.1.44

In -L 5990:127.0.0.1:5900 the 5990is an arbitrary port number for your local machine. You connect your VNC client to this port. The 127.0.0.1:5900 is the destination address and port. This assumes your VNC server runs on port 5900. The destination address 127.0.0.1 is from the point of view of the server, you can also replace it with 10.10.1.44.

RalfFriedl
  • 3,008
  • 4
  • 12
  • 17
  • 1
    Using 127.0.0.1 here also allows binding the VNC server to that address, so it is reachable *only* by ssh port-forwarding, if that is desired. I use that for my VMs, that is really handy. – Simon Richter Apr 15 '21 at 09:26
  • This doesn't work for me. https://serverfault.com/a/216994/64874 this one does, which in this case would be `ssh -L 5990:10.10.1.44:5900 192.168.1.22` – chx Dec 17 '21 at 04:37
  • @chx Then obviously you situation is less complicated if you don't need a jump host. – RalfFriedl Dec 17 '21 at 19:24
  • I do. Your version SSHs into the target specifying a jump host and building a tunnel on localhost, my version SSHs into the jump host and builds a tunnel using the target host. – chx Dec 20 '21 at 05:46